On Wed, 10 Oct 2018, Antos Andras wrote:

Here Debian Alpine 2.20 does not core dump/segfault/crash, but the password is still saved only if the passfile already exists (and same with Alpine 2.21 in CentOS). From the mail above, it seems this is intended, so rather a feature not a bug, but this does not seem to be documented anywhere (apart from internet forums), and alpine does not give any hint about this when it happens.

Dear Antos,

There is some documentation on password file support, which explains a little bit about this issue. You can find it from the Main screen, press "R" to read the release notes, and look for the link to the password file support there.

I understand that security is important and saving passwords should not be the default behavior when it is not expected. However, e.g., launching alpine by the -passfile option (even with a nonexisting file) the user's expectation is to use it, not silently ignore it, especially, suggested by the help of Alpine saying:
-passfile <fully_qualified_filename>
        Set the password file to something other than the default

I imagine that here we disagree about the meaning of what it means to start a program with a non-existing file. If I start an editor with a path to a non-existing file, the editor will create that file, but if I start a web browser with a path to a non-existent file, I will not get a meaningful startup. The purpose of the -passfile option is to use an existing file as the place to save passwords. Alpine does not create password files on behalf of users.

(Btw, either the default password file, which seems to vary among versions and distributions, does not seem to be documented anywhere around alpine, and should be traced by strace or string.)

There is no default password file, there is the one that people compile into Alpine. If the Debian distributor compiles such support, they should let users know what they built into it.

Besides stracing or using "string" you can run Alpine with debug level -9 to see the password file name in the .pine-debug file. I do not know if Debian compiles debug files support into its distribution, but that is a way to know it.

Also, here https://github.com/termux/termux-packages/issues/2023 one finds reasonable complaints about the mandatory "master password" (password for S/MIME key?) demonstrating that all in all the decision between convenience and security should be left to the user's discretion with reasonable defaults (even if not each user is very skilled).

The current development version of Alpine contains an internal way to eliminate the password to encrypt the password file, so users need to learn how to do this, for those that prefer the convenience of not having to enter a password to unlock their password file.

--
Eduardo
https://tinyurl.com/yc377wlh (Web)
http://repo.or.cz/alpine.git (Git)
RSS: http://repo.or.cz/alpine.git/rss (Git updates)
RSS: https://tinyurl.com/ybj33j2a (Web updates)
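The behaviour discussed in this thread (Alpine saves passwords into the -passfile only when that file already exists, and never creates it) is easy to work around from the shell. The following is an added example, not code from the Alpine project or from either participant: a POSIX sh function, hypothetically named ensure_passfile, that creates the password file with owner-only permissions if it is missing, and refuses a file that is readable by the group or by others, so that the launch of alpine with -passfile does not silently fall back to not saving anything. It assumes a GNU or BSD stat(1) for the permission check; it does not run alpine itself.

```shell
#!/bin/sh
# Added example (not part of Alpine or of this thread): make sure the
# password file handed to "alpine -passfile FILE" already exists, because
# Alpine only writes saved passwords into an existing file.
#
# ensure_passfile PATH
#   prints "created:PATH"  and returns 0 when it had to create the file
#   prints "exists:PATH"   and returns 0 when a private file is already there
#   prints an error        and returns 2 when the file is not owner-only
#   returns 1 when the file could not be created
ensure_passfile() {
    pf="$1"
    if [ -e "$pf" ]; then
        # Octal mode bits: GNU stat first, BSD stat as a fallback (assumption).
        perms=$(stat -c '%a' "$pf" 2>/dev/null || stat -f '%Lp' "$pf")
        case "$perms" in
            600|400)
                echo "exists:$pf"
                return 0
                ;;
            *)
                # A readable password store is worse than none; do not use it.
                echo "insecure-perms:$perms:$pf" >&2
                return 2
                ;;
        esac
    fi
    # Create the empty file under a restrictive umask so it is 0600 from
    # the first moment, with no window in which it is world-readable.
    ( umask 077 && : > "$pf" ) || return 1
    echo "created:$pf"
    return 0
}

# Typical use (path is an assumption; pick the one your build expects):
#   ensure_passfile "$HOME/.alpine.passfile" && alpine -passfile "$HOME/.alpine.passfile"
```

The function deliberately does not loosen an existing file's permissions; if it reports insecure-perms, the operator should decide whether to chmod 600 the file or to discard it, since its contents may already have been exposed.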
